On 11.01.18 10:15, MRob wrote:
I use reject_unknown_helo_hostname even though it rejects legitimate
mail, it also catches a reasonable amount of bad things.
I want to whitelist some clients of course. I thought it should be easy:
/etc/postfix/main.cf
smtpd_helo_restrictions =
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
smtpd_client_restrictions =
reject_unauth_pipelining
check_client_access hash:/etc/postfix/ok_clients
you must put "check_client_access hash:/etc/postfix/ok_clients" at the
begin, or at least before reject_unknown_helo_hostname
Yet, from this client I still get this:
NOQUEUE: reject: RCPT from fqdn.example.com[999.999.999.999]: 450
4.7.1 <not.existing.host.name>: Helo command rejected: Host not
found;
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
